package com.net.xpay.operator.secutiry;

import com.google.common.base.Strings;
import com.net.common.web.CookieHelper;
import com.net.xpay.core.constant.OperatorUserWebConstant;
import com.net.xpay.core.helper.DomainHelper;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @author  on 06/03/2018.
 */
@Slf4j
public class RememberMeFilter extends OncePerRequestFilter {
    private SessionManager sessionManager;
    private AuthenticationManager authenticationManager;
    private SecurityHelper securityHelper;
    private DomainHelper domainHelper;

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        Authentication exist = SecurityContextHolder.getContext().getAuthentication();
        if (exist == null) {
            AutoLoginToken autoToken = createAuthentication(request, response);
            if (autoToken != null) {
                try {
                    Authentication auth = authenticationManager.authenticate(autoToken);
                    SecurityContextHolder.getContext().setAuthentication(auth);
                } catch (AuthenticationException authenticationException) {
                    securityHelper.removeInvalidSessionCookie(request, response);
                }
                if (logger.isDebugEnabled()) {
                    logger.info("Populated SecurityContextHolder from remember me token: '"
                            + SecurityContextHolder.getContext().getAuthentication() + "'");
                }
            }
        }

        filterChain.doFilter(request, response);
    }

    private AutoLoginToken createAuthentication(HttpServletRequest request, HttpServletResponse response) {
        String rememberMeCookie = CookieHelper.getCookie(request, OperatorUserWebConstant.REMEMBER_ME_COOKIE_NAME);
        log.info("rememberMeCookie = {}", rememberMeCookie);
        if (Strings.isNullOrEmpty(rememberMeCookie)) {
            return null;
        }

        return sessionManager.getAutoLoginTokenFromRememberMe(rememberMeCookie, request, response);
    }

    public void setSessionManager(SessionManager sessionManager) {
        this.sessionManager = sessionManager;
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    public void setSecurityHelper(SecurityHelper securityHelper) {
        this.securityHelper = securityHelper;
    }

    public void setDomainHelper(DomainHelper domainHelper) {
        this.domainHelper = domainHelper;
    }
}
